Security, FUD, and Windows TCO
-
Krebs On Security ☛ Who’s Behind the SWAT USA Reshipping Service?
Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “Fearless,” the nickname chosen by the proprietor of the SWAT USA Drops service.
-
Security Week ☛ US Sanctions Russian National for Helping Ransomware Groups Launder Money
The US Treasury has sanctioned Ekaterina Zhdanova for laundering money on behalf of cybercriminals and Russian elites.
-
University of Michigan ☛ A gentle reminder that you are still responsible for your own safety on the internet [Ed: Way to distract from Microsoft crooks and their facilitators inside this institution selling out all present and former staff's files, details etc. and then passing them the bills]
On Oct. 23, the University of Michigan’s Information and Technology Services department sent out an email with new information regarding the internet outage that took place at the beginning of the school year.
-
Net2 ☛ Best Antivirus Software for Linux
GNU/Linux, like backdoored Windows and macOS, is an operating system that enables the execution of software on various devices, including computers, tablets, and smartphones. Unlike its competitors, GNU/Linux stands out as a completely free and open-source platform, allowing for extensive customization. However, similar to other operating systems, GNU/Linux is not immune to vulnerabilities and security threats.
-
SANS ☛ Exploit Activity for CVE-2023-22518, Atlassian Confluence Data Center and Server, (Mon, Nov 6th)
Last week, Atlassian published an advisory for CVE-2023-22518.
-
Security Week ☛ Exploitation of Critical Confluence Vulnerability Begins
Threat actors have started exploiting a recent critical vulnerability in Confluence Data Center and Confluence Server.
-
Bruce Schneier ☛ Crashing iPhones with a Flipper Zero
The Flipper Zero is an incredibly versatile hacking device. Now it can be used to crash iPhones in its vicinity by sending them a never-ending stream of pop-ups.
These types of hacks have been possible for decades, but they require special equipment and a fair amount of expertise. The capabilities generally required expensive SDRs—short for software-defined radios—that, unlike traditional hardware-defined radios, use firmware and processors to digitally re-create radio signal transmissions and receptions. The $200 Flipper Zero isn’t an SDR in its own right, but as a software-controlled radio, it can do many of the same things at an affordable price and with a form factor that’s much more convenient than the previous generations of SDRs...
-
Security Week ☛ Iranian APT Targets Israeli Education, Tech Sectors With New Wipers
The Iran-linked APT Agrius has been targeting higher education and technology organizations in Israel with new wipers.
-
Scoop News Group ☛ Europe is trading security for digital sovereignty
A proposed EU cybersecurity regulation would isolate Europe from the global cybersecurity industry with unpredictable consequences.
-
Cryptology ePrints Archive ☛ Passive SSH Key Compromise via Lattices [PDF]
We demonstrate that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included information like the shared Diffie-Hellman secret that would not be available to a passive network observer. We show that for the signature parameters commonly in use for SSH, there is an efficient lattice attack to recover the private key in case of a signature fault. We provide a security analysis of the SSH, IKEv1, and IKEv2 protocols in this scenario, and use our attack to discover hundreds of compromised keys in the wild from several independently vulnerable implementations.
-
Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation
-
Bleeping Computer ☛ Hackers exploit Looney Tunables Linux bug, steal cloud creds [Ed: This is not a Linux]
-
Security Week ☛ ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks [Ed: At least this site correctly describes this as a Glibc issue, not Linux]
Glibc vulnerability affecting major GNU/Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group.
-
Windows TCO
-
The Register UK ☛ Okta October breach affected 134 orgs, biz admits
Okta's report on the breach confirms much of what was previously known, but provides the first set of solid numbers of those affected, and notes that five of its 134 affected customers experienced their own intrusions - at least that Okta knows of.
-
Security Week ☛ American Airlines Pilot Union Recovering After Ransomware Attack
The Allied Pilots Association is restoring its systems after a file-encrypting ransomware attack.